IPv6 fears seen unfounded

[InfoSec News <isn () c4i org>]

http://www.nwfusion.com/news/2003/1215ipv6.html

By Carolyn Duffy Marsan
Network World
12/15/03

ARLINGTON, VA. - Early adopters of IPv6 say deployment of this upgrade
to the Internet's main communications protocol is significantly easier
than expected and costs less than anticipated.

These findings run counter to longstanding conventional wisdom from
the Internet engineering community, which for years has warned ISPs
and corporate network managers about the need to prepare for a
time-consuming and expensive upgrade to IPv6.

The U.S. Department of Defense and several universities reported
positive feedback about their IPv6 deployments at the U.S. IPv6 Summit
2003, held last week in Arlington, Va.

The Internet Engineering Task Force (IETF) has worked on IPv6 since
1992. While the transition to IPv6 has taken longer than advocates
expected, that pace appears to have generated an unintended benefit:  
Now that users want to deploy IPv6, it's already bundled in the
hardware and software they need to buy in the course of normal
infrastructure upgrades.

"IPv6 is less complex than we thought, and it doesn't take as many
resources as we thought,'' says Jim Bound, chairman of the North
American IPv6 Task Force and an HP fellow. Bound has been involved in
IPv6 development and transition issues for nearly a decade.

IPv6 promises easier administration, tighter security, greater
mobility and an enhanced addressing scheme over IPv4, the Internet's
current protocol. IPv6 uses a 128-bit addressing scheme and can
support a virtually limitless number of uniquely identified systems on
the Internet. In contrast, IPv4 supports only a few billion systems
because it uses a 32-bit addressing scheme.

The North American IPv6 Task Force joined the military and university
communities in building the largest-ever network based on IPv6. Dubbed
Moonv6, this network connects more than 80 servers, switches and nodes
in eight states. Moonv6 was completed in October and is running IPv6
and IPv4.

"We were all shocked'' at how simple it was to deploy Moonv6, Bound
says. "It went way easier than we thought. But the trick is you have
to plan, plan, plan.''

More significant for corporate network managers is the idea that IPv6
will require few additional costs beyond regular network upgrades.  
That's what NTT subsidiary Verio discovered as it developed the first
commercial IPv6 service in the U.S., which it announced last week at
the summit.

"There wasn't a lot of cost to deploy our IPv6 service,'' says Cody
Christman, director of product engineering for Verio. "IPv6 has been
on our road map since 1997. We've always kept it in mind when we were
upgrading our switches and routers.''

Verio has priced its new IPv6 offerings at the same rates as its IPv4
services. The company now offers commercial IPv6 service at every
location in the U.S. where it offers Internet access.

"It's kind of a myth that when people deploy IPv6 it's going to
require an enormous capital expenditure,'' Christman says. "It
definitely wasn't the case at Verio.''

The IETF finalized the main IPv6 specifications in 1998. However, IPv6
has taken the intervening years to gain momentum among network vendors
and ISPs.

IPv6 deployment is easier and costs less than anticipated because the
protocol now ships with many networking products. All the major router
manufacturers - including Cisco, Juniper, Foundry Networks and Extreme
Networks - support IPv6. Microsoft supports IPv6 in Windows XP, and
IPv6 comes bundled with the most popular versions of Unix and Linux.  
Key public domain software packages such as the Mozilla Web browser,
Apache Web server and Sendmail e-mail software also support IPv6.

"All the network infrastructure components are IPv6 enabled,'' Bound
says. "What we're still missing are software applications. We need the
major business applications such as Oracle, PeopleSoft and SAP to
support IPv6.'' These applications are coming, as evidenced by Oracle
executives unveiling their IPv6 road map at the IPv6 Summit last week.

Industry observers now expect corporations to upgrade to IPv6
gradually as individual departments need newer software and hardware.  
IPv6 and IPv4 will coexist for many years because most companies
replace desktops, servers and network gear every few years.

"IPv6 deployment will be interesting because it will not happen
overnight,'' says Ben Schultz, managing engineer at the University of
New Hampshire's Interoperability Lab in Durham. "Instead, there are
going to be small experimental pockets within companies. . . . There's
always going to be some legacy router that's a pain to upgrade and
you'll have to tunnel around it.''

Early adopters say that because IPv6 comes bundled with network
hardware and software, deployment costs are low. Verio found its IPv6
deployment costs to be negligible because the protocol comes built in
with the latest router software. Verio uses routers from Cisco and
Juniper.

"It does have to be tested like any [Juniper or Cisco software]
rollout," Christman says. "We also modified our provisioning and
automated network monitoring tools. But the costs are not significant
from an ISP standpoint.''

That's why Verio is not charging a premium for its IPv6 service.  
Corporate network managers can purchase an IPv6 fractional DS-3 line
for the same cost as an IPv4 fractional DS-3, he says.

Easy to deploy

Early adopters of IPv6 also are finding that the protocol is easier to
deploy than expected.

The high-speed Abilene network, which links 200 U.S. universities, has
enabled IPv6 on half of its network connectors. About 40 universities
use the new protocol.

"You have to have routers capable of doing IPv6,'' says Rick
Summerhill, associate director of backbone network infrastructure for
the Internet2 consortium, which operates Abilene. "All we did was take
our backbone and add IPv6 to our 11 [Juniper] routers. . . . It was
easy.''

Summerhill predicts most universities that use Abilene will upgrade to
IPv6 within three years. He says the upgrade to IPv6 will not be that
expensive because it will happen as part of a "natural evolution'' of
university networks.

"Putting IPv6 on a network backbone is relatively simple. Even
regional-type networks are relatively easy,'' Summerhill says. "Closer
to the [network] edges, the routing infrastructures may not be
IPv6-capable. That may be a little harder. So people will evolve to it
over three or four years.''

The positive feedback from early adopters of IPv6 is good news for the
Defense Department, which has committed to a complete migration to
IPv6 by 2008. The Defense Department's CIO John Stenbit has mandated
that all IT purchases after Oct. 1, 2003 be IPv6-capable.

The Defense Department supports Moonv6, which links the University of
New Hampshire's Interoperability Laboratory with military sites in
Arizona, California, Illinois, Maryland, New Jersey, South Carolina
and Virginia. Twenty-six network vendors have tested their hardware
and software for IPv6 compliance and interoperability on the Moonv6
backbone.

Maj. Roswell Dixon, who oversees IPv6 testing for the Joint
Interoperability Test Command at Ft. Huachuca in Arizona, says about
90% of the interoperability testing on Moonv6 has been successful.

Some of the IETF's IPv6 specifications "left a little room for
interpretation,'' Dixon says. "We need better defined [specifications]
but these are little glitches that can be fixed. We see no
showstoppers with IPv6.''

Dixon says the military is migrating to IPv6 because of the mobility
and security benefits that it offers. "We need IPv6 for
network-centric warfare,'' he says.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.